Changes between Version 12 and Version 13 of QtWebKitSecurity


Ignore:
Timestamp:
Sep 27, 2011 2:31:00 PM (12 years ago)
Author:
Ademar Reis
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • QtWebKitSecurity

    v12 v13  
    1919Security issues are constantly found and fixed on trunk. In order to keep a supported version of !QtWebKit up-to-date, these issues have to be investigated and, if it's found that they affect QtWebKit, cherry-picked or backported into the stable branch.
    2020
    21 '''Important:''' Per WebKit.org policy, security bugs and vulnerability details are not listed in public announcements until vendors agree on a time and date for disclosure. Bugs usually remain closed to public scrutiny indefinitely. '''Special care should be taken when making release announcements''', specially semi-automated weekly announcements, where security bugs should have their titles omitted.
     21'''IMPORTANT:''' Per WebKit.org policy, security bugs and vulnerability details are not listed in public announcements until vendors agree on a time and date for disclosure. Bugs usually remain closed to public scrutiny indefinitely. '''Special care should be taken when making release announcements''', specially semi-automated weekly announcements, where security bugs should have their titles omitted.
    2222
    2323To monitor trunk, we can use the {{{cherry-pick-into-release-branch.py}}} script. The option {{{--security-bugs-from}}} allows the filtering of a range of git commits to list which ones are security related. For example, to extract a list of security issues fixed in trunk since the branch creation, we can use the following command (notice you'll need proper bugzilla privileges and this will take a while, so you may want to do it incrementally):